AWS Cloud Practitioner

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

How many availability zones does each region contain

2 or more

A distributed relational database service by Amazon Web Services. It is a web service running "in the cloud" designed to simplify the setup, operation, and scaling of a relational database for use in applications.

Amazon RDS

A company currently stores data for on-premises applications on local drives. The chief technology officer wants to reduce hardware costs by storing the data in Amazon S3 but does not want to make modifications to the applications. To minimize latency, frequently accessed data should be available locally. What is a reliable and durable solution for a solutions architect to implement that will reduce the cost of local storage? A) Deploy an SFTP client on a local server and transfer data to Amazon S3 using AWS Transfer for SFTP. B) Deploy an AWS Storage Gateway volume gateway configured in cached volume mode. C) Deploy an AWS DataSync agent on a local server and configure an S3 bucket as the destination. D) Deploy an AWS Storage Gateway volume gateway configured in stored volume mode.

B - An AWS Storage Gateway volume gateway connects an on-premises software application with cloudbacked storage volumes that can be mounted as Internet Small Computer System Interface (iSCSI) devices from on-premises application servers. In cached volumes mode, all the data is stored in Amazon S3 and a copy of frequently accessed data is stored locally.

Lets you create infrastructure as code A) AWS CodeDeploy B) AWS CloudFormation C) AWS CodeCommit D) Amazon Kinesis

B) AWS CloudFormation

A service that is helpful for auditing your AWS resources, it doesn't store any compliance-related documents which are mentioned in the scenario. This simply is a service that enables governance, compliance, operational auditing, and risk auditing of your AWS account. A) AWS Trusted Advisor B) AWS CloudTrail C) AWS Artifact D) AWS Certificate Manager

B) AWS CloudTrail

Which of the following AWS services provides a security management tool to configure your AWS WAF rules across your accounts. A) AWS Resource Access Manager B) AWS Firewall Manager C) Amazon GuardDuty D) AWS Trusted Advisor

B) AWS Firewall Manager

A fully-managed database service which means that you won't be able to manage the underlying guest operating system or apply the required updates and security patches. A) Amazon EC2 B) Amazon Aurora C) Amazon DocumentDB D) Amazon DynamoDB

D) Amazon DynamoDB

A data streaming service in AWS A) AWS CodeDeploy B) AWS CloudFormation C) AWS CodeCommit D) Amazon Kinesis

D) Amazon Kinesis

AWS Relational DB options

Microsoft SQL Oracle MySql

Used to configure an instance during launch or to run a configuration script.

User Data

What are the General Purpose EC2s?

mac, T4g, T3, T3a, T2, M6, M5, M4

Pillar that includes the ability to protect data, systems, and assets to take advantage of cloud technologies to improve your security.

Security Pillar

What areas are the customer responsible for regarding Security in the Cloud

1) Customer Data 2) Platform, Applications, Identity & Access Mangement 3) Operating System, Network & Firewall Configuration 4) Client Side Data 5) Server Side Encryption 6) Network Traffic Protection and Encryption

General Purpose EC2

A1, T3, T3a, M4, M5

a fully managed service that makes it easy for you to deploy from source code or a container image directly to a scalable and secure web application.

AWS App Runner

A basic support plan for AWS

AWS Technical Account Manager

Contextual guidance on how services fit together to meet your specific use-case, workload, or application.

Architecture Support

What is Glacier / Deep Archive

Archived rarely accessed data storage

A server whose purpose is to provide access to a private network from an external network, such as the Internet. Because of its exposure to potential attack, a bastion host must minimize the chances of penetration.

Bastion Host

What are some Compute Optimized EC2 families

C6g, C6gn, C5, C5a, C5n, C4

Pillar includes the ability to run systems to deliver business value at the lowest price point

Cost Optimization pillar

A fully managed proprietary NoSQL database service that supports document data structures and has limited support for MongoDB workloads up to MongoDB version 3.6 and version 4.0.

DocumentDB

A key-value and document database that delivers single-digit millisecond performance at any scale. It's a fully managed, multi-region, multi-active, durable database with built-in security, backup and restore, and in-memory caching for internet-scale applications. It can handle more than 10 trillion requests per day and can support peaks of more than 20 million requests per second.

DynamoDB

Can transfer data from on premises storage to S3, EFS and FSx

EFS DataSync.

Indicates a change in an environment such as an AWS environment, a SaaS partner service or application, or one of your applications or services. The following are examples of events:

Event

A pipeline that receives events. Rules associated with the event bus evaluate events as they arrive. Each rule checks whether an event matches the rule's criteria.

Event Bus

There are four best practice areas for reliability in the cloud:

Foundations Workload Architecture Change Management Failure Management

What are some of the Storage Optimized Families

I3, D2, D3 and H1

Storage Based EC2s

I3, I3en, D2, H1

All current EC2 instance types include :

Intel AES-NI Intel AVX

What is S3 Standard IA

Long Lived Storage infrequently accessed

ElastiCache supports two open-source in-memory caching engines:

Memcached and Redis.

What instances are designed to deliver fast performance for workloads that process large data sets in memory.

Memory Optimized

Assist you in consultative reviews of your cloud operations and gives advice for optimization.

Operations Support

Operational excellence in the cloud is composed of four areas:

Organization Prepare Operate Evolve

S3 API that allows you to upload a single object as a set of parts. After all parts of your object are uploaded, Amazon S3 then presents the data as a single object.

S3 Multipart Uploads

What are the s3/ Amazon S3 Glacier Storage Classes

S3 Standard S3 Standard IA S3 One Zone 1A Amazon Glacier/Deep Archives3/

There are four best practice areas for performance efficiency in the cloud:

Selection Review Monitoring Tradeoffs

This is only a capability that Amazon Athena provides. You only pay for the queries that you run and get better performance by compressing, partitioning, and converting your data into columnar formats. Since the question asks about the benefits of CloudFront, this option is wrong.

Serverless Interactive Query

A portable, rugged, and secure device for edge computing and data transfer. You can use this to collect, process, and move data to AWS, either offline by shipping the device to AWS, or online by using AWS DataSync holds 8 terrabytes

Snowcone

Guidance, configuration, and troubleshooting of AWS interoperability with many common operating systems, platforms, and application stack components.

Third-Party Software Support

Success is the achievement of business outcomes as measured by the metrics you define. By understanding the health of your workload and operations, you can identify when organizational and business outcomes may become at risk, or are at risk, and respond appropriately. To be successful, you must be able to:

Understanding Workload Health Understanding Operational Health Responding to Events

Used to connect two or more VPCs.

VPC Peering

Policy is used to lock the data permanently; it has nothing to do with retrieval policies

WORM policy

What is CloudFront

a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users.

A document that defines who can access a particular bucket or object. Each bucket and object in Amazon S3 has an ACL. The document defines what each type of user can do, such as write and read permissions.

access control list (ACL)

The combination of an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). You use access keys to sign API requests that you make to AWS.

access key

Break down of EC2 name m5.large

m = Family Name 5 = Generation Number large = size of instance

In the Five Pillars Organization Priorities are defined as

1) Evaluate external customer needs 2) Evaluate internal customer needs 3) Evaluate governance requirements 4) Evaluate external compliance requirements 5) Evaluate threat landscape 6) Evaluate tradeoffs 7) Manage benefits and risks

Your team should be able to understand the health of your operations easily. You will want to use metrics based on operations outcomes to gain useful insights. You should use these metrics to implement dashboards with business and technical viewpoints that will help team members make informed decisions.

1) Identify key performance indicators 2) Define operations metrics 3) Collect and analyze operations metrics 4) Establish operations metrics baselines 5) Learn expected patterns of activity for operations 6) Alert when workload outcomes are at risk 7) Alert when operations anomalies are detected 8) Validate the achievement of outcomes and the effectiveness of KPIs and metrics:

To Understand Workload Health you must do the following:

1) Identify key performance indicators 2) Define workload metrics 3) Collect and analyze workload metrics 4) Establish workload metrics baselines 5) Learn expected patterns of activity for workload 6) Alert when workload outcomes are at risk 7) Alert when workload anomalies are detected 8) Validate the achievement of outcomes and the effectiveness of KPIs and metrics:

Supported DB engines for DB instance classes

1) MariaDB 2) Microsoft SQL Server 3) MySQL 4) Oracle 5) PostgreSQL

What are the EC2 Pricing Options

1) On Demand Instances 2) Reserved Instances 3) Savings Plans 4) Spot Instances

What are some benefits of AMI

1) Repeatability 2) Reusability 3) Recoverability 4) Marketplace Solutions 5) Backups

The five pillars of AWS Well Architected Framework

1) Security 2) Reliability 3) Cost Optimization 4) Performance Efficiency 5) Operational Excellence

What areas is AWS responsible for regarding Security in the Cloud

1) Software 2) Compute, Storage, DB, Networking 3) Hardware 4) Regions, AZ, Edge Locations

Six Advantages of Cloud Computing

1) Trade Capital Expense for Variable Expense 2) Benefit from Massive Economies of Scale 3) Stop Guessing about capacity 4) Increase speed and agility 5) Focus on what matters 6) Go Global in Minutes

When should you use Amazon S3?

1) When you need to write once, and read many times 2) Spiky data access 3) Large number of users and diverse amounts of content 4) Growing data sets

The Standard DB instance classes available for Amazon RDS

1) db.m6g 2) db.m5d 3) db.m5 4) db.m4 5) db.m3

Burstable Performance DB instance classes available for Amazon RDS

1) db.t3 2) db.t2

The Memory Optimized DB instance classes available for Amazon RDS

1) db.z1d 2) db.x1e 3) db.x1 4) db.r6g 5) db.r5b 6) db.r5d 7) db.r5

How many AWS regions are there

21

How many Amazon RDS instances can you have

40 10 for each SQL Server edition (Enterprise, Standard, Web, and Express) under the "license-included" model 10 for Oracle under the "license-included" model 40 for MySQL, MariaDB, or PostgreSQL 40 for Oracle under the "bring-your-own-license" (BYOL) licensing model

How many IP Addresses will AWS reserve from each subnet

5

What is the breakdown of the S3 Multipart Uploads

90%, 68%, 47%, and 12%

A customer relationship management (CRM) application runs on Amazon EC2 instances in multiple Availability Zones behind an Application Load Balancer. If one of these instances fails, what occurs? A) The load balancer will stop sending requests to the failed instance. B) The load balancer will terminate the failed instance. C) The load balancer will automatically replace the failed instance. D) The load balancer will return 504 Gateway Timeout errors until the instance is replaced.

A - - An Application Load Balancer (ALB) sends requests to healthy instances only. An ALB performs periodic health checks on targets in a target group. An instance that fails health checks for a configurable number of consecutive times is considered unhealthy. The load balancer will no longer send requests to the instance until it passes another health check.

A company needs to maintain access logs for a minimum of 5 years due to regulatory requirements. The data is rarely accessed once stored, but must be accessible with one day's notice if it is needed. What is the MOST cost-effective data storage solution that meets these requirements? A) Store the data in Amazon S3 Glacier Deep Archive storage and delete the objects after 5 years using a lifecycle rule. B) Store the data in Amazon S3 Standard storage and transition to Amazon S3 Glacier after 30 days using a lifecycle rule. C) Store the data in logs using Amazon CloudWatch Logs and set the retention period to 5 years. D) Store the data in Amazon S3 Standard-Infrequent Access (S3 Standard-IA) storage and delete the objects after 5 years using a lifecycle rule.

A - Data can be stored directly in Amazon S3 Glacier Deep Archive. This is the cheapest S3 storage class.

An analytics company is planning to offer a site analytics service to its users. The service will require that the users' webpages include a JavaScript script that makes authenticated GET requests to the company's Amazon S3 bucket. What must a solutions architect do to ensure that the script will successfully execute? A) Enable cross-origin resource sharing (CORS) on the S3 bucket. B) Enable S3 versioning on the S3 bucket. C) Provide the users with a signed URL for the script. D) Configure a bucket policy to allow public execute privileges.

A - Web browsers will block the execution of a script that originates from a server with a different domain name than the webpage. Amazon S3 can be configured with CORS to send HTTP headers that allow the script execution.

A company uses Reserved Instances to run its data-processing workload. The nightly job typically takes 7 hours to run and must finish within a 10-hour time window. The company anticipates temporary increases in demand at the end of each month that will cause the job to run over the time limit with the capacity of the current resources. Once started, the processing job cannot be interrupted before completion. The company wants to implement a solution that would allow it to provide increased capacity as cost-effectively as possible. What should a solutions architect do to accomplish this? A) Deploy On-Demand Instances during periods of high demand. B) Create a second Amazon EC2 reservation for additional instances. C) Deploy Spot Instances during periods of high demand. D) Increase the instance size of the instances in the Amazon EC2 reservation to support the increased workload.

A - While Spot Instances would be the least costly option, they are not suitable for jobs that cannot be interrupted or must complete within a certain time period. On-Demand Instances would be billed for the number of seconds they are running.

Elastic IP

A fixed (static) IP address that you have allocated in Amazon EC2 or Amazon VPC and then attached to an instance. These addresses are associated with your account, not a specific instance.

What is User Data on an EC2 Used for

A place to hold a small script to run on the start up of an EC2

Which of the following is a valid characteristic of an IAM Group? A) A group can contain many users, and a user can belong to multiple groups. B) Groups can be nested. C) There's no limit to the number of groups you can have. D) There is a default group that automatically includes all users in the AWS account.

A) A group can contain many users, and a user can belong to multiple groups.

In the AWS Shared Responsibility Model, whose responsibility is it to patch the host operating system of an Amazon EC2 instance? A) AWS B) Customer C) Both AWS and the customer D) Neither AWS nor the customer

A) AWS

A customer wants to run their application in the cloud via EC2 instances. Their code is currently stored in Github. Which tool could they use to launch their code onto EC2 instances? A) AWS CodeDeploy B) Amazon Kinesis C) AWS CloudFormation D) AWS CodeCommit

A) AWS CodeDeploy

A startup is using only an AWS Basic Support plan and cannot afford a higher plan right now. They require technical assistance from AWS to better understand the behavior of their services. Which of the following can be a source of technical assistance for this startup? A) AWS Discussion Forum B) AWS Technical Account Manager C) AWS Trusted Advisor D) AWS Concierge Support

A) AWS Discussion Forum

Provides 24×7 technical support from high-quality engineers, tools and technology to automatically manage the health of your environment, consultative architectural guidance delivered in the context of your applications and use-cases, and a designated Technical Account Manager (TAM) to coordinate access to proactive/preventative programs and AWS subject matter experts. A) AWS Enterprise Support B) Concierge Support C) AWS Professional Services D) AWS Technical Account Manager

A) AWS Enterprise Support

A software that lets you run local compute, messaging, data caching, sync, and ML inference capabilities on connected devices in a secure way. A) AWS Greengrass B) Amazon CloudFront C) Amazon DynamoDB Accelerator (DAX) D) Amazon ElastiCache

A) AWS Greengrass

Helps you centrally govern your environment as you grow and scale your workloads in AWS. A) AWS Organizations B) AWS GovCloud C) AWS Artifact D) AWS Certificate Manager

A) AWS Organizations

Which of the following services offers you the same AWS hardware infrastructure, services, APIs, and tools to build and run your applications on-premises and in the cloud? A) AWS Outposts B) AWS Wavelength C) AWS Organizations D) AWS Lambda

A) AWS Outposts

A company is planning to adopt a hybrid cloud architecture with AWS. Which of the following can they use to assist them in estimating their costs? (Select TWO.) A) AWS Pricing Calculator B) Cost allocation tag C) AWS Cost Explorer D) AWS Sales Representative E) Consolidated Billing

A) AWS Pricing Calculator D) AWS Sales Representative

A company is planning to adopt a hybrid cloud architecture with AWS. Which of the following can they use to assist them in estimating their costs? (Select TWO.) A) AWS Pricing Calculator B) Cost allocation tag C) AWS Cost Explorer D) Consolidated Billing E) AWS Sales Representative

A) AWS Pricing Calculator E) AWS Sales Representative

Which of the following shares a collection of offerings to help you achieve specific business outcomes related to enterprise cloud adoption through paid engagements in several specialty practice areas? A) AWS Professional Services B) Concierge Support C) AWS Technical Account Manager D) AWS Enterprise Support

A) AWS Professional Services

An online tool that provides you real-time guidance to help you provision your resources following AWS best practices. It inspects your AWS environment and makes recommendations for saving money, improving system performance and reliability, or closing security gaps. A) AWS Trusted Advisor B) AWS CloudTrail C) AWS Artifact D) AWS Certificate Manager

A) AWS Trusted Advisor

Which of the following services combine 5G networks with AWS compute and storage services for the benefit of high-performance mobile applications? A) AWS Wavelength B) AWS Control Tower C) AWS Amplify D) AWS Cloud9

A) AWS Wavelength

A MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases. A) Amazon Aurora B) Amazon Redshift C) Amazon DynamoDB D) Amazon ElastiCache

A) Amazon Aurora

Which AWS service should you use if you need to launch a highly scalable MySQL database? A) Amazon Aurora B) Amazon Redshift C) Amazon DynamoDB D) Amazon ElastiCache

A) Amazon Aurora

Which AWS service should you use if you need to launch a highly scalable MySQL database? A) Amazon Aurora B) Amazon ElastiCache C) Amazon Redshift D) Amazon DynamoDB

A) Amazon Aurora Amazon Aurora is a MySQL and PostgreSQL-compatible relational database built for the cloud, that combines the performance and availability of traditional enterprise databases with the simplicity and cost-effectiveness of open source databases

A company is in the process of migrating their applications to AWS. One of their systems requires a database that can scale globally and handle frequent schema changes. The application should not have any downtime or performance issues whenever there is a schema change in the database. It should also provide a low latency response to high-traffic queries. Which is the most suitable database solution to use to achieve this requirement? A) Amazon DynamoDB B) An Amazon RDS instance in Multi-AZ Deployments configuration C) An Amazon Aurora database with Read Replicas D) Redshift

A) Amazon DynamoDB

There is a requirement to launch a new database in AWS where the customer assumes the responsibility and management of the guest operating system, including updates and security patches. Which of the following services should the customer use? A) Amazon EC2 B) Amazon Aurora C) Amazon DocumentDB D) Amazon DynamoDB

A) Amazon EC2

Which of the following are regarded as regional services in AWS? (Select TWO.) A) Amazon EFS B) AWS Security Token Service C) Amazon Route 53 D) Amazon EC2 E) AWS Batch

A) Amazon EFS E) AWS Batch

Among the following services, which is the most suitable one to use to store the results of I/O-intensive SQL database queries to improve application performance? A) Amazon ElastiCache B) Amazon DynamoDB Accelerator (DAX) C) Amazon CloudFront D) AWS Greengrass

A) Amazon ElastiCache

This is best suited for load balancing of HTTP and HTTPS traffic and provides advanced request routing targeted at the delivery of modern application architectures, including microservices and containers. Operating at the individual request level (Layer 7), routes traffic to targets within Amazon Virtual Private Cloud (Amazon VPC) based on the content of the request. A) Application Load Balancer B) Network Load Balancer C) Classic Load Balancer D) Elastic Load Balancer

A) Application Load Balancer

Which type of Elastic Load Balancer allows you to forward the incoming request to a target group with a Lambda function as a target? A) Application Load Balancer B) Network Load Balancer C) Classic Load Balancer D) None of the Above

A) Application Load Balancer

_________ is one of the components of AWS Global Infrastructure which consists of one or more discrete data centers each with redundant power, networking, and connectivity, and housed in separate facilities. A) Availability Zone B) Edge Location C) AWS Region D) VPC

A) Availability Zone

A Forex trading platform, which frequently processes and stores global financial data every minute, is hosted in your on-premises data center and uses an Oracle database. Due to a recent cooling problem in their data center, the company urgently needs to migrate their infrastructure to AWS to improve the performance of their applications. As the Solutions Architect, you are responsible in ensuring that the database is properly migrated and should remain available in case of database server failure in the future. Which of the following is the most suitable solution to meet the requirement? A) Create an Oracle database in RDS with Multi-AZ deployments. B) Launch an Oracle Real Application Clusters (RAC) in RDS. C) Convert the database schema using the AWS Schema Conversion Tool and AWS Database Migration Service. Migrate the Oracle database to a non-cluster Amazon Aurora with a single instance. D) Launch an Oracle database instance in RDS with Recovery Manager (RMAN) enabled.

A) Create an Oracle database in RDS with Multi-AZ deployments.

Which of the following Amazon EC2 instance purchasing options can help you address compliance requirements and reduce costs by allowing you to use your existing server-bound software licenses? A) Dedicated Host B) On-Demand Instance C) Dedicated Instance D) Reserved Instance

A) Dedicated Host

A developer needs to access an EC2 Instance to modify a WordPress configuration file. Which of the following methods let them connect to their instance? (Select TWO.) A) EC2 Instance Connect B) AWS Direct Connect C) Session Manage D) VPC Peering E) User Data

A) EC2 Instance Connect C) Session Manager

When a company uses AWS and decouple from their on-premises data center, they will be able to have which of the following benefits? (Select TWO.) A) Reduce time to market. B) Massive discounts for bare metal servers from Amazon.com. C) Decrease your TCO. D) Replace low variable costs with upfront capital expenses (CAPEX) E) Deferred payments to their operational expenditures.

A) Reduce time to market. C) Decrease your TCO.

Which Amazon EC2 instance purchasing option lets you take advantage of unused EC2 capacity in the AWS Cloud and provides up to a 75% discount compared to On-Demand prices? A) Standard Reserved Instance B) Dedicated Host C) Convertible Reserved Instance D) Spot Instance

A) Standard Reserved Instance

A Solutions Architect for a global news company is configuring a fleet of EC2 instances in a subnet that currently is in a VPC with an Internet gateway attached. All of these EC2 instances can be accessed from the Internet. The architect launches another subnet and deploys an EC2 instance in it, however, the architect is not able to access the EC2 instance from the Internet. What could be the possible reasons for this issue? (Select TWO.) A) The Amazon EC2 instance does not have a public IP address associated with it. B) The route table is not configured properly to send traffic from the EC2 instance to the Internet through the Internet gateway. C) The Amazon EC2 instance is not a member of the same Auto Scaling group. D) The route table is not configured properly to send traffic from the EC2 instance to the Internet through the customer gateway (CGW). E) The Amazon EC2 instance does not have an attached Elastic Fabric Adapter (EFA).

A) The Amazon EC2 instance does not have a public IP address associated with it. B) The route table is not configured properly to send traffic from the EC2 instance to the Internet through the Internet gateway.

An accounting application uses an RDS database configured with Multi-AZ deployments to improve availability. What would happen to RDS if the primary database instance fails? A) The canonical name record (CNAME) is switched from the primary to standby instance. B) A new database instance is created in the standby Availability Zone. C) The primary database instance will reboot. D) The IP address of the primary DB instance is switched to the standby DB instance.

A) The canonical name record (CNAME) is switched from the primary to standby instance.

A company plans to migrate on-premises VMs to AWS. To coordinate the large-scale migration, they must find a way to automate, schedule, and track the entire procedure. Which of the following services should they use? A) Use AWS Database Migration Service to migrate on-premises workloads to AWS. B) Use AWS Migration Hub to track the progress of migrations. C) Use AWS Server Migration Service to migrate on-premises workloads to AWS. D) Use Amazon CloudWatch to monitor the migration process.

A) Use AWS Database Migration Service to migrate on-premises workloads to AWS.

Lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define A) VPC B) Security Group C) Network ACL D) Elastic Network Interface

A) VPC

A company runs a public-facing three-tier web application in a VPC across multiple Availability Zones. Amazon EC2 instances for the application tier running in private subnets need to download software patches from the internet. However, the instances cannot be directly accessible from the internet. Which actions should be taken to allow the instances to download the needed patches? (Select TWO.) A) Configure a NAT gateway in a public subnet. B) Define a custom route table with a route to the NAT gateway for internet traffic and associate it with the private subnets for the application tier. C) Assign Elastic IP addresses to the application instances. D) Define a custom route table with a route to the internet gateway for internet traffic and associate it with the private subnets for the application tier. E) Configure a NAT instance in a private subnet.

A, B - A NAT gateway forwards traffic from the instances in the private subnet to the internet or other AWS services, and then sends the response back to the instances. After a NAT gateway is created, the route tables for private subnets must be updated to point internet traffic to the NAT gateway.

The application specifications for the data store hosted at AWS has the following requirements. • The data store will be 12 TB. • Data growth will be approximately 10 GB per day. • There must be three read replicas. • Data compatibility must be MySQL • The database must be able to be replicated across multiple regions. Which of the following data store options would meet this requirement? A. Amazon Aurora. B. AWS DynamoDB. C. AWS Redshift. D. AWS ElastiCache.

A. Amazon Aurora.

An EC2 instance hosted on a private subnet needs access to an S3 bucket located in the same region as the instance. The EC2 instance will need access to the S3 bucket continuously. The company does not want their data to be exposed over the Internet. What two solutions could you choose? A. Create an IAM role providing access to the S3 bucket and assign the role to the EC2 instance. B. Create a private VPC interface endpoint for access to the S3 bucket. C. Create a private VPC gateway endpoint for access to the S3 bucket. D. Create a bucket policy IAM role providing access to the S3 bucket and list the EC2 instance.

A. Create an IAM role providing access to the S3 bucket and assign the role to the EC2 instance. B. Create a private VPC interface endpoint for access to the S3 bucket.

Requirements for a database to be hosted on custom EC2 instances require data volumes that can support 28,000 Provisioned IOPS. Which Amazon EBS volumes type meets the performance requirements? A. EBS provisioned IOPS SSD B. EBS Throughput Optimized C. EBS General Purpose SST D. EBS Cold Storage HDD

A. EBS provisioned IOPS SSD

Your company is deployed a Redshift cluster that contains over 100 TB of data. Due to the large volume of data, it is decided that a disaster recovery site should be created and located in a separate AWS region containing up-to-date snapshots of data. What option should be enabled for the Redshift cluster? A. Enable cross region snapshots for the Redshift cluster. B. Enable cross availability zone snapshots for the Redshift cluster. C. Restore the redshifts cluster in the other region using CloudFormation. D. Create snapshots of the EBS data volumes and then replicate the EBS snapshots using S3 cross region replication

A. Enable cross region snapshots for the Redshift cluster.

Your corporation needs to store archived documentation from head office in the AWS cloud. It is determined that Amazon Glacier is the correct storage solution. Although the archive documents will rarely be accessed, the company wants to ensure that data can be delivered in under five minutes of any retrieval request. What feature of Amazon Glacier meets this customer requirement? A. Expedited retrieval policy. B. WORM policy. C. Standard retrieval policy. D. Bulk retrieval policy.

A. Expedited retrieval policy.

Your web application is hosted on an EC2 instance that is located behind a public facing Application Load Balancer. The web tier performance is managed by an Auto Scaling Group and instances are hosted across multiple availability zones. Website data consists of static files stored on shared EFS storage. How can the performance of the web application be increased for a global audience of end-users? A. Use CloudFront to cache the static web application images. B. Move the web application images in an S3 bucket. C. Decrease the resolution of the images. D. Increase the power of the EC2 instances powering the web application.

A. Use CloudFront to cache the static web application images.

You are tasked with migrating your company's assets to the AWS cloud. You have over 800 GB of data stored on and on premises storage array. You need to select a utility that can transfer the data both to S3 storage and FSx storage. A. Use EFS DataSync. B. Use AWS Storage Gateway. C. Server Migration Service. D. Use S3 transfer acceleration

A. Use EFS DataSync.

What two options are available to encrypt Redshift clusters? A. Use the Key Management Service default master key. B. Deploy Cloud HSM and then store the top-level encryption keys, C. Enable encryption on the EBS volumes of the clusters. D. Use SSL/TLS for encrypting the data at res

A. Use the Key Management Service default master key. B. Deploy Cloud HSM and then store the top-level encryption keys,

Which of the following situations would most benefit a company's costs by utilizing cloud computing? A. A healthcare company experiences a significant increase in utilization during the annual open enrollment period. B. A company has consistent utilization through the year without many bursts or down periods. C. A sports news system gets a 50 percent increase in traffic on weekends versus weekdays. D. A publishing company gets short, sporadic bursts of traffic with news items.

A. With a defined period of high utilization of a cyclical nature, a healthcare company could save significant costs with cloud computing, where resources can be increased during those peak periods and otherwise operate at a much lower level the majority of the year.

A fully managed service that makes it easy to develop GraphQL APIs by handling the heavy lifting of securely connecting to data sources like AWS DynamoDB, Lambda, and more. Adding caches to improve performance, subscriptions to support real-time updates, and client-side data stores that keep off-line clients in sync are just as easy.

AWS AppSync

You have production workloads on AWS and want 24x7 access to technical support and architectural guidance in the context of your specific use-cases. This Service provides access to third-party software support, documentation and forums, AWS Trusted Advisor, AWS Personal Health Dashboard, AWS Support API, and launch and event planning. What service would you have from AWS?

AWS Business Support

A unified tool to manage your AWS services. With just one tool to download and configure, you can control multiple AWS services from the command line and automate them through scripts.

AWS CLI

A managed private CA service that helps you easily and securely manage the lifecycle of your private certificates. CA provides you a highly-available private CA service without the upfront investment and ongoing maintenance costs of operating your own private CA.

AWS Certificate Manager.

a computing device that processes cryptographic operations and provides secure storage for cryptographic keys. You can perform a variety of cryptographic tasks: Generate, store, import, export, and manage cryptographic keys, including symmetric keys and asymmetric key pairs

AWS CloudHSM

Compiles your source code, runs unit tests, and produces artifacts that are ready to deploy. Eliminates the need to provision, manage, and scale your own build servers. It provides prepackaged build environments for popular programming languages and build tools such as Apache Maven, Gradle, and more.

AWS Code Build

A fully managed deployment service that automates software deployments to a variety of compute services such as Amazon EC2, AWS Fargate, AWS Lambda, and your on-premises servers. It easier for you to rapidly release new features, helps you avoid downtime during application deployment, and handles the complexity of updating your applications.

AWS Code Deploy

AWS Service that recommends optimal AWS resources for your workloads to reduce costs and improve performance by using machine learning to analyze historical utilization metrics.

AWS Compute Optimizer

This offering is only available for enterprise support plans.

AWS Concierge Support

makes it easy to find, subscribe to, and use third-party data in the cloud from qualified data providers

AWS Data Exchange

A web service that you can use to automate the movement and transformation of data. You can define data-driven workflows, so that tasks can be dependent on the successful completion of previous tasks

AWS Data Pipeline

A cloud service that makes it easy to migrate relational databases, data warehouses, NoSQL databases, and other types of data stores.

AWS Database Migration Service

A cloud service that makes it easy to migrate relational databases, data warehouses, NoSQL databases, and other types of data stores. You can use this to migrate your data into the AWS Cloud or between combinations of cloud and on-premises setups.

AWS Database Migration Service (AWS DMS)

An online data transfer service that simplifies, automates, and accelerates moving data between on-premises storage systems and AWS storage services, and also between AWS storage services. DataSync can copy data between Network File System (NFS), Server Message Block (SMB) file servers, self-managed object storage, AWS Snowcone, Amazon Simple Storage Service (Amazon S3) buckets, Amazon EFS file systems, and Amazon FSx for Windows File Server file systems.

AWS Datasync

A networking service that is primarily used to establish private connectivity between AWS and your datacenter, office, or colocation environment.

AWS Direct Connect

You get 24x7 technical support from high-quality engineers, tools and technology to automatically manage health of your environment, consultative architectural guidance delivered in the context of your applications and use-cases, and a designated Technical Account Manager (TAM) to coordinate access to proactive / preventative programs and AWS subject matter experts. AWS Enterprise Support is recommended if you have business and/or mission critical workloads in AWS. What service would you have from AWS?

AWS Enterprise Support

A security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization

AWS Firewall Manager

A service that improves the availability and performance of your applications with local or global users. It provides you with static IP addresses that serve as a fixed entry point to your applications hosted in one or more AWS Regions.

AWS Global Accelerator

Redirects user requests to the closest edge location and then routes the requests across AWS's private network increasing the speed of the data requests. Answer A will take time to deploy the solution.

AWS Global Accelerator

designed to allow US government agencies and customers to move sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements.

AWS Gov Cloud

An event-driven, serverless computing platform.

AWS Lambda

A type of AWS infrastructure deployment that places AWS compute, storage, database, and other select services close to large population, industry, and IT centers. An extension of an AWS Region where you can run your latency-sensitive applications using AWS services such as Amazon Elastic Compute Cloud, Amazon Virtual Private Cloud, Amazon Elastic Block Store, Amazon File Storage, and Amazon Elastic Load Balancing in geographic proximity to end-users.

AWS Local Zones

A web application that comprises and refers to a broad collection of service consoles for managing Amazon Web Services

AWS Management Console

Provides a single location to track the progress of application migrations across multiple AWS and partner solutions and can only monitor application migrations.

AWS Migration Hub

An account management service that enables you to consolidate multiple AWS accounts into an organization that you create and centrally manage

AWS Organizations

This program only helps customers to design, architect, migrate, or build new applications on AWS. A) Concierge Support B) AWS Partner Network Technology Partners C) Technical Account Management D) AWS Partner Network Consulting Partners

AWS Partner Network Consulting Partners

A services that provides alerts and remediation guidance when AWS is experiencing events that may impact you

AWS Personal Health Dashboard

An AWS Service that helps you securely share your resources across AWS accounts, within your organization or organizational units (OUs) in AWS Organizations, and with IAM roles and IAM users for supported resource types.

AWS Resource Access Manager (RAM)

Converts your existing database schema from one database engine to another. You can convert relational OLTP schema, or data warehouse schema.

AWS Schema Conversion Tool

AWS service that makes it easier for you to manage secrets. Secrets can be database credentials, passwords, third-party API keys, and even arbitrary text.

AWS Secrets

An agentless service which makes it easier and faster for you to migrate thousands of on-premises workloads to AWS. Allows you to automate, schedule, and track incremental replications of live server volumes, making it easier for you to coordinate large-scale server migrations.

AWS Server Migration Service (SMS

An agentless service which makes it easier and faster for you to migrate thousands of on-premises workloads to AWS. AWS SMS allows you to automate, schedule, and track incremental replications of live server volumes, making it easier for you to coordinate large-scale server migrations.

AWS Server Migration Service (SMS)

An easy-to-use online tool that enables you to estimate the monthly cost of AWS services for your use case based on your expected usage.

AWS Simply Monthly Calculator

An edge computing, data migration, and edge storage device that comes in two options and provides both block storage and Amazon S3-compatible object storage, and 40 vCPUs. They are well suited for local storage and large scale-data transfer

AWS Snowball

A physically rugged device protected by AWS Key Management Service (AWS KMS) that you use for local storage and compute, or to transfer data between your on-premises servers and Amazon Simple Storage Service (Amazon S3).

AWS Snowball Edge

Makes it easy to move massive volumes of data to the cloud, including video libraries, image repositories, or even a complete data center migration. You can transfer up to 100PB per Snowmobile, a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck.

AWS Snowmobile

Caches data in the local VM or gateway hardware appliance, providing low-latency disk and network performance for your most active data, with optimized data transfers occurring to AWS Cloud storage in the background

AWS Storage Gateway

Programmatic access to AWS Support Center features to create, manage, and close your support cases, and operationally manage your Trusted Advisor check requests and status.

AWS Support API

An AWS service that provides a unified user interface so you can view operational data from multiple AWS services. It also allows you to automate operational tasks across your AWS resources. Systems Manager is not part of the AWS Support Plan.

AWS Systems Manager

A solution automatically provisions the infrastructure necessary to help customers actively track their cost recommendations across their organization over time. The solution provides an effective way to drive cost optimization through specific resource tags. The solution also helps deliver cost key performance indicators (KPIs) for your organization. Checks and guidance to provision your resources following best practices to help reduce costs, increase performance and fault tolerance, and improve security.

AWS Trusted Advisor

A tool that provides best practice recommendations in your AWS account.

AWS Trusted Advisor

A tool that provides you real-time guidance to help you provision your resources following AWS best practices.

AWS Trusted Advisor

Provides recommendations that help you follow AWS best practices. Trusted Advisor evaluates your account by using checks. These checks identify ways to optimize your AWS infrastructure, improve security and performance, reduce costs, and monitor service quotas. You can then follow the check recommendations to optimize your services and resources.

AWS Trusted Advisors

AWS services to the edge of the 5G network, minimizing the latency to connect to an application from a mobile device.

AWS Wavelength

A service that collects data about requests that your application serves, and provides tools you can use to view, filter, and gain insights into that data to identify issues and opportunities for optimization.

AWS X-Ray

What instances use hardware accelerators, or co-processors, to perform functions, such as floating point number calculations, graphics processing, or data pattern matching, more efficiently than is possible in software running on CPUs.

Accelerated Computing

A feature of AWS Identity and Access Management (IAM) that helps you identify the resources in your organization and accounts, such as Amazon S3 buckets or IAM roles that are shared with an external entity.

Access Analyzer

A fully managed application streaming service that provides users with instant access to their desktop applications from anywhere.

Amazon AppStream 2.0

An interactive query service that makes it easy to analyze data directly in Amazon Simple Storage Service (Amazon S3) using standard SQL.

Amazon Athena

An interactive query service that makes it easy to analyze data in Amazon S3 using standard SQL expressions. It is serverless, so there is no infrastructure to manage, and you pay only for the queries you run

Amazon Athena

A fully managed relational database engine that's compatible with MySQL and PostgreSQL

Amazon Aurora

A web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. Delivers your content through a worldwide network of data centers called edge locations.

Amazon CloudFront

Monitors your Amazon Web Services (AWS) resources and the applications you run on AWS in real time.

Amazon CloudWatch

A natural language processing service that uses machine learning to find meaning and insights in text.

Amazon Comprehend

A fully managed proprietary NoSQL database service that supports key-value and document data structures and is offered by Amazon.com as part of the Amazon Web Services portfolio.

Amazon DynamoDB

A fully managed in-memory data store and cache service by Amazon Web Services. The service improves the performance of web applications by retrieving information from managed in-memory caches, instead of relying entirely on slower disk-based databases.

Amazon ElastiCache

What is a AWS Service that provides multiple levels of security and compliance to help ensure that your data is protected. It automatically encrypts data at rest (for both file systems and backups) using keys that you manage in AWS Key Management Service (AWS KMS).

Amazon FSX

For Windows File Server provides fully managed file storage that is accessible over the industry-standard Server Message Block (SMB) protocol. Built on Windows Server, Amazon FSx delivers a wide range of administrative features such as data deduplication, end-user file restore, and Microsoft Active Directory (AD) integration.

Amazon FSx

A continuous security monitoring service that analyzes and processes the following Data sources: VPC Flow Logs, AWS CloudTrail management event logs, CloudTrail S3 data event logs, and DNS logs. It uses threat intelligence feeds, such as lists of malicious IP addresses and domains, and machine learning to identify unexpected and potentially unauthorized and malicious activity within your AWS environment.

Amazon GuardDuty

Tests the network accessibility of your Amazon EC2 instances and the security state of your applications that run on those instances. Assesses applications for exposure, vulnerabilities, and deviations from best practices. After performing an assessment, Amazon Inspector produces a detailed list of security findings that is organized by level of severity.

Amazon Inspector.

A scalable, highly available, and managed Apache Cassandra-compatible database service. With Amazon Keyspaces, you don't have to provision, patch, or manage servers, and you don't have to install, maintain, or operate software. Serverless, so you pay for only the resources that you use, and the service automatically scales tables up and down in response to application traffic. You can build applications that serve thousands of requests per second with virtually unlimited throughput and storage.

Amazon Keyspaces

A massively scalable and durable real-time data streaming service. Can continuously capture gigabytes of data per second from hundreds of thousands of sources such as website clickstreams, database event streams, financial transactions, social media feeds, IT logs, and location-tracking events.

Amazon Kinesis Data Streams

A machine learning service used for detecting abnormal industrial machine behavior and it enables you to implement predictive maintenance

Amazon Monitron

A fast, reliable, fully managed graph database service that makes it easy to build and run applications that work with highly connected datasets.

Amazon Neptune

a web service that makes it easier to set up, operate, and scale a relational database in the AWS Cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks.

Amazon RDS

A fully managed, petabyte-scale data warehouse service in the AWS Cloud. It forms part of the larger cloud-computing platform Amazon Web Services allows up to 16 petabytes of data on a cluster

Amazon Redshift

Allows Redshift to directly run SQL queries against exabytes of unstructured data in Amazon S3. No loading or transformation is required, and you can use open data formats, including Avro, CSV, Grok, ORC, Parquet, RCFile, RegexSerDe, SequenceFile, TextFile, and TSV.

Amazon Redshift Spectrum

Data warehousing service that lets a data analyst conduct fast, complex analysis on objects stored on the AWS cloud. It must have a Redshift cluster and a connected SQL client. Multiple clusters can access the same S3 data set at the same time, but queries can only be conducted on data stored in the same AWS region.

Amazon Redshift Spectrum

A scalable and highly available Domain Name System service, A reliable and cost-effective way to route end users to Internet applications

Amazon Route 53

A scalable storage infrastructure service offered by Amazon Web Services that provides object storage through a web service interface. Designed to pull out only the data you need from an object, which can dramatically improve the performance and reduce the cost of applications that need to access data in S3.

Amazon S3 Select

S3 option that improves transfer performance by routing traffic through Amazon CloudFront's globally distributed Edge Locations and over AWS backbone networks, and by using network protocol optimizations.

Amazon S3 Transfer Acceleration

a cost-effective, flexible, and scalable email service that enables developers to send mail from within any application.

Amazon Simple Email Service (SES)

A managed service that provides message delivery from publishers to subscribers (also known as producers and consumers). Publishers communicate asynchronously with subscribers by sending messages to a topic, which is a logical access point and communication channel. Clients can subscribe to the SNS topic and receive published messages using a supported endpoint type, such as Amazon Kinesis Data Firehose, Amazon SQS, AWS Lambda, HTTP, email, mobile push notifications, and mobile text messages (SMS).

Amazon Simple Notification Service (Amazon SNS)

A flexible queue service that enables message passing between different processes of execution in a software application. The queues are located in the AWS infrastructure, but the processes that are passing messages can be located locally, on Amazon EC2 instances, or on some combination of these. Amazon SQS is ideal for coordinating the distribution of work across multiple computers.

Amazon Simple Queue Service (SQS)

This service is mainly used to extract printed text, handwriting, and data from virtually any document.

Amazon Textract

Service is used for document collaboration, much like Google Docs and Office 365 Word. If you need to use a natural language processing service, you should use Amazon Comprehend.

Amazon WorkDocs

Enables you to provision virtual, cloud-based Microsoft Windows or Amazon Linux desktops for your users. Eliminates the need to procure and deploy hardware or install complex software. You can quickly add or remove users as your needs change.

Amazon Workspaces

What TWO types of DB instances make up an Aurora DB cluster?

Aurora Replica Primary DB instance

an Amazon RDS feature that creates and saves automated backups of your DB instance during the backup window of your DB instance. CloudFront is not capable of doing automated backups of your instances.

Automated Backups

There are five design principles for reliability in the cloud:

Automatically recover from failure Test recovery procedures Scale horizontally to increase aggregate workload availability Stop guessing capacity Manage change in automation

One or more discrete data centers with redundant power, networking, and connectivity in an AWS Region.

Availability Zone (AZ)

A gaming company needs a service that uses the AWS global network to optimize users' access to their applications using an anycast static IP address. Which of the following services fits this criteria? A) Amazon Route 53 B) AWS Global Accelerator C) Amazon ElastiCache D) Amazon CloudFront

B) AWS Global Accelerator

Designed to allow U.S. government agencies and customers to move sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements. A) AWS Organizations B) AWS GovCloud C) AWS Artifact D) AWS Certificate Manager

B) AWS GovCloud

Which of the following provides software solutions that are either hosted on or integrated with the AWS platform which may include Independent Software Vendors (ISVs), SaaS, PaaS, developer tools, management, and security vendors? A) Concierge Support B) AWS Partner Network Technology Partners C) Technical Account Management D) AWS Partner Network Consulting Partners

B) AWS Partner Network Technology Partners

A company plans to use an application streaming service to give its employees instant access to their desktop applications from any device. Which of the following services fulfills this requirement? A) AWS AppSyn B) Amazon AppStream 2.0 C) Amazon Kinesis Data Streams D) Amazon WorkSpaces

B) Amazon AppStream 2.0

A fully-managed service that automates time-consuming administration tasks like hardware provisioning, database setup, patching, and backups without any manual intervention from you. A) Amazon EC2 B) Amazon Aurora C) Amazon DocumentDB D) Amazon DynamoDB

B) Amazon Aurora

A global CDN service that accelerates delivery of your websites, APIs, video content or other web assets to your customers around the world. A CDN provides you the ability to utilize its global network of edge locations to deliver a cached copy of web content such as videos, webpages, images and not I/O-intensive SQL database queries. A) AWS Greengrass B) Amazon CloudFront C) Amazon DynamoDB Accelerator (DAX) D) Amazon ElastiCache

B) Amazon CloudFront

An organization needs to use a natural language processing service to find insights and relationships in article submissions. Which of the following services can satisfy the given requirement? A) Amazon WorkDocs B) Amazon Comprehend C) Amazon Textract D) Amazon Monitron

B) Amazon Comprehend

There is a requirement to launch a new database in AWS where the customer assumes the responsibility and management of the guest operating system, including updates and security patches. Which of the following services should the customer use? A) Amazon DynamoDB B) Amazon EC2 C) Amazon Aurora D) Amazon DocumentDB

B) Amazon EC2

A data warehousing service and doesn't support MySQL A) Amazon Aurora B) Amazon Redshift C) Amazon DynamoDB D) Amazon ElastiCache

B) Amazon Redshift

A company has a top priority requirement to monitor a few database metrics and then afterward, send email notifications to the Operations team in case there is an issue. Which AWS services can accomplish this requirement? (Select TWO.) A) Amazon Simple Queue Service (SQS) B) Amazon Simple Notification Service (SNS) C) Amazon CloudWatch D) Amazon Simple Email Service E) Amazon EC2 Instance with a running Berkeley Internet Name Domain (BIND) Server.

B) Amazon Simple Notification Service (SNS) C) Amazon CloudWatch

Which AWS service lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources? A) Internet gateway B) Amazon VPC C) AWS Elastic Beanstalk D) Amazon EC2

B) Amazon VPC

What is the difference between an Availability Zone and a Local Zone? A) An Availability Zone is an extension of an AWS Region in geographic proximity to your users. A Local Zone is an isolated location within an AWS region B) An Availability Zone is an isolated location within an AWS region. A Local Zone is an extension of an AWS Region in geographic proximity to your users. C) An Availability Zone delivers cached content to the closest location to reduce latency for users. A Local Zone is an extension of an AWS Region in geographic proximity to your users. D) An Availability Zone is a separate geographic area. A Local Zone delivers cached content to the closest location to reduce latency for users.

B) An Availability Zone is an isolated location within an AWS region. A Local Zone is an extension of an AWS Region in geographic proximity to your users.

A team composed of AWS billing and account experts that specialize in working with enterprise accounts. They will quickly and efficiently assist you with your billing and account inquiries, and work with you to implement billing and account best practices so that you can focus on running your business. A) AWS Enterprise Support B) Concierge Support C) AWS Professional Services D) AWS Technical Account Manager

B) Concierge Support

Primarily used to make it easier for you to categorize and track your AWS costs by tagging your resources A) AWS Pricing Calculator B) Cost allocation tag C) AWS Cost Explorer D) Consolidated Billing E) AWS Sales Representative

B) Cost allocation tag

Which of the following is true on how AWS lessens the time to provision your IT resources? A) It provides an AI-powered IT ticketing platform for fulfilling resource requests. B) It provides various ways to programmatically provision IT resources. C) It provides an automated system of requesting and fulfilling IT resources from third-party vendors. D) It provides express service to deliver your servers to your data centers fast.

B) It provides various ways to programmatically provision IT resources.

This is best suited for load balancing of Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic where extreme performance is required. Operating at the connection level (Layer 4), Network Load Balancer routes traffic to targets within Amazon Virtual Private Cloud (Amazon VPC) and is capable of handling millions of requests per second while maintaining ultra-low latencies. It is optimized to handle sudden and volatile traffic patterns. A) Application Load Balancer B) Network Load Balancer C) Classic Load Balancer D) Elastic Load Balancer

B) Network Load Balancer

Which of the following is best suited for load balancing Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Transport Layer Security (TLS) traffic including the capability of handling millions of requests per second while maintaining ultra-low latencies? A) Application Load Balancer B) Network Load Balancer C) Classic Load Balancer D) Elastic Load Balancer

B) Network Load Balancer

Which of the following is true regarding the Business support plan in AWS? A) Provides a 1-hour response time support if your production system got impaired B) Provides a 1-hour response time support if your production system goes down C) Provides a 15-minute response time support if your business-critical system goes down D) Provides a 15-minute response time support if your production system goes down

B) Provides a 1-hour response time support if your production system goes down

A real-time data analytics application is using AWS Lambda to process data and store results in JSON format to an S3 bucket. To speed up the existing workflow, you have to use a service where you can run sophisticated Big Data analytics on your data without moving them into a separate analytics system. Which of the following group of services can you use to meet this requirement? A) S3 Select, Amazon Neptune, DynamoDB DAX B) S3 Select, Amazon Athena, Amazon Redshift Spectrum C) Amazon X-Ray, Amazon Neptune, DynamoDB D) Amazon Glue, Glacier Select, Amazon Redshift

B) S3 Select, Amazon Athena, Amazon Redshift Spectrum

Which of the following are advantages of Cloud Computing? (Select TWO.) A) Massive discounts for your computers, network devices and other equipment from Amazon online shopping website. B) Trade capital expense for variable expense. C) Increase speed and agility. D) Achieve lower economies of scale. E) Trade variable expense for capital expense.

B) Trade capital expense for variable expense. C) Increase speed and agility.

Which of the following options below is solely the responsibility of the customer in accordance with the AWS shared responsibility model? A) Configuration Management B) Zone Security C) Awareness & Training D) Patching of the host operating system

B) Zone Security

You are deploying a public facing Application Load Balancer that is going to receive incoming Internet traffic on port 443. What AWS service should be used to host your security certificates? A. AWS Key Management Service. B. AWS Certificate Manager. C. AWS Secrets. D. Cloud HSM

B. AWS Certificate Manager.

A new sales application is going to be hosted at AWS. The application needs a centralized data store for user session data for additional redundancy for end-users. Choose TWO choices that could be used. A. AWS CloudTrail. B. AWS ElastiCache. C. ALB sticky sessions. D. DynamoDB. E. AWS Storage Gateway

B. AWS ElastiCache. D. DynamoDB.

What two AWS services could be considered for improving the networking performance for a global audience? Choose TWO answers. A. API Gateway. B. AWS Global Accelerator. C. AWS CloudFront. D. Route 53 health checks.

B. AWS Global Accelerator. C. AWS CloudFront.

Your hosted application is accessed across the Internet. The application database is deployed using RDS MySQL running in a custom VPC on private subnets. The Web servers need to be accessed utilizing HTTPS connections and the database can only be accessed by the Web servers. Select TWO answers to create a solution to meet these requirements. A. Create a Network ACL on the web server subnets allowing the HTPS port for 443 inbound and specify the source as (0.0.0.0.0/0). B. Create a Security group for the web servers that allows HTTPS port 443 inbound traffic from anywhere (0.0.0.0.0/0). C. Create a network ACL on the DB subnet allowing the MYSQL port for 3305 inbound and deny all outbound traffic. D. Create a Security group for the database servers and allow the default MySQL port 3306 for inbound access. Specify the source as the web server security group.

B. Create a Security group for the web servers that allows HTTPS port 443 inbound traffic from anywhere (0.0.0.0.0/0). D. Create a Security group for the database servers and allow the default MySQL port 3306 for inbound access. Specify the source as the web server security group.

Developers are deploying applications hosted on EC2 instances that require access to AWS services. What is the most secure method to allow the hosted application access to the required AWS service? A. Use secure EC2 instance metadata to store the required credentials. B. Create an IAM role linked to the AWS service assigned to the EC2 instance. C. Embed the required credentials into your application. D. Use the Key Management Service to assist in authentication.

B. Create an IAM role linked to the AWS service assigned to the EC2 instance.

Your SasS application was specifically designed for two distinct geographical areas. As a result, your application was hosted in one region in the United States US-WEST-2, and in AWS Europe (Paris). Over time however, your application became popular in other parts of the world; customers are complaining of the slow access speeds when accessing the application. You need to provide a solution quickly. Which option should you choose to solve your latency problems? A. Deploy Route 53 Traffic policies utilizing latency-based routing records. B. Deploy Global Accelerator endpoints for your two deployed regions. C. Deploy the web server assets using S3 cross region replication. D. Deploy high-speed fiber Direct Connect connections.

B. Deploy Global Accelerator endpoints for your two deployed regions.

A hosted legacy application needs minimal data storage that is infrequently accessed. What would be the best cost-effective storage solution to consider? A. EBS volumes with Provisioned IOPS. B. EBS cold storage HDD volumes. C. EBS general purpose SSD volumes. D. Amazon FSx

B. EBS cold storage HDD volumes.

Which cloud deployment model is often used in conjunction with a company's disaster recovery plan? A. Public B. Hybrid C. Community D. Private

B. Hybrid cloud environments, which use a mix of traditional data centers with the cloud or utilize multiple cloud models, are often used as a backup and standby platform for a company's disaster recovery plans.

Which cloud deployment model best characterizes AWS? A. Private B. Public C. Hybrid D. Community

B. Public AWS utilizes a public cloud deployment model where anyone can sign up for an account and allocate resources, with the limitations applying to their finances and resources.

A newly launched SaaS application needs storage for photographs for public events going on around the world on special holidays. The amount of storage required is unknown, but it is expected that after several weeks, the existing content will need to be automatically optimized to help with overall costs of the application. Which S3 storage solution would be the best initial option to begin with? A. Use Standard 1A to store all images. B. Use S3 Intelligent Tiering storage class. C. Use S3 standard storage class and use Storage class analytics to analyze and move objects with lifecycle policies. D. Use Amazon Glacier to store all images.

B. Use S3 Intelligent Tiering storage class.

An on-premises application uploads files that are 5 GB in size to the AWS cloud. Each file requires scanning after upload to adhere to compliance standards for cloud storage data. Each file takes several seconds to upload in the schedule for uploads is not consistent. What storage architecture should be used for to satisfy this application and its needs? A. Store files in a SQS queue for further processing by a fleet of EC2 instances. B. Use S3 bucket using event notifications to invoke a Lambda function to review for compliance. C. Store files in EFS storage. D. Store files in a Dynamo DB table with triggers to call a Lambda function to review for compliance.

B. Use S3 bucket using event notifications to invoke a Lambda function to review for compliance.

Which of the following best fits the responsibility of the cloud customer with a Software as a Service application? A. A cloud customer provisions virtual machines that have a base image and just require software installation specific to their needs. B. The cloud customer gains access to a fully featured application that just requires their user data and access, possibly with branding also allowed. C. The cloud provider allocates fully built systems that require a customer to integrate their custom application code. D. A cloud provider gives access to a vast software suite of utilities and libraries that a customer can access as needed for their own deployments.

B. With Software as a Service, a customer contracts for a fully built and ready software application. The customer typically will need to provision user access and user data, along with possibly branding with their own logos and text. The application is fully maintained by the cloud provider, and a customer does not have the ability to modify code.

A special-purpose computer on a network specifically designed and configured to withstand attacks

Bastion Host

How do you protect the integrity of your instances?

By Managing Failure: 1) Use Load Balancer 2) Monitor Resource Health 3) Multiple Availability Zone 4) Automatically respond to Notifications

A company plans to run a monitoring application on an Amazon EC2 instance in a VPC. Connections are made to the instance using its private IPv4 address. A solutions architect needs to design a solution that will allow traffic to be quickly directed to a standby instance if the application fails and becomes unreachable. Which approach will meet these requirements? A) Deploy an Application Load Balancer configured with a listener for the private IP address and register the primary instance with the load balancer. Upon failure, de-register the instance and register the secondary instance. B) Configure a custom DHCP option set. Configure DHCP to assign the same private IP address to the secondary instance when the primary instance fails. C) Attach a secondary elastic network interface (ENI) to the instance configured with the private IP address. Move the ENI to the standby instance if the primary instance becomes unreachable. D) Associate an Elastic IP address with the network interface of the primary instance. Disassociate the Elastic IP from the primary instance upon failure and associate it with a secondary instance.

C - A secondary ENI can be added to an instance. While primary ENIs cannot be detached from an instance, secondary ENIs can be detached and attached to a different instance.

A solutions architect wants to design a solution to save costs for Amazon EC2 instances that do not need to run during a 2-week company shutdown. The applications running on the instances store data in instance memory (RAM) that must be present when the instances resume operation. Which approach should the solutions architect recommend to shut down and resume the instances? A) Modify the application to store the data on instance store volumes. Reattach the volumes while restarting them. B) Snapshot the instances before stopping them. Restore the snapshot after restarting the instances. C) Run the applications on instances enabled for hibernation. Hibernate the instances before the shutdown. D) Note the Availability Zone for each instance before stopping it. Restart the instances in the same Availability Zones after the shutdown.

C - Hibernating an instance saves the contents of RAM to the Amazon EBS root volume. When the instance restarts, the RAM contents are reloaded.

What is an AMI? A) An AMI is an object that stores data about the instance such as Local HostName, Instance ID, or Public IP Address B) It provides block level Storage that will disappear on instance shutdown C) AMIs are used to create EC2 instances and contain a template for the root volume D) A type of storage bucket for Amazon S3

C) AMIs are used to create EC2 instances and contain a template for the root volume

For security audit, a company needs to download the compliance-related documents in AWS such as ISO certifications, Payment Card Industry (PCI), and Service Organization Control (SOC) reports. Which of the following should they use to retrieve these files? A) AWS Trusted Advisor B) AWS CloudTrail C) AWS Artifact D) AWS Certificate Manager

C) AWS Artifact

In compliance with the Sarbanes-Oxley Act (SOX) federal law, a US-based company is required to provide SOC 1 and SOC 2 reports of their cloud resources. Where are these AWS compliance documents located? A) AWS Organizations B) AWS GovCloud C) AWS Artifact D) AWS Certificate Manager

C) AWS Artifact

Which of the following are regarded as regional services in AWS? (Select TWO.) A) Amazon Route 53 B) AWS Security Token Service C) AWS Batch D) Amazon EFS E) Amazon EC2

C) AWS Batch D) Amazon EFS

A fully-managed source control service that hosts secure Git-based repositories. It does not deploy code to instances. A) AWS CodeDeploy B) AWS CloudFormation C) AWS CodeCommit D) Amazon Kinesis

C) AWS CodeCommit

This service can only forecast your costs based on your previous usage A) AWS Pricing Calculator B) Cost allocation tag C) AWS Cost Explorer D) Consolidated Billing E) AWS Sales Representative

C) AWS Cost Explorer

Which of the following services are used by AWS Service Catalog as a combination to create a portfolio of products? A) AWS IAM & AWS Config B) AWS Config & Cloud Formation C) AWS IAM & AWS Cloud Formation D) AWS Config & AWS Organizations

C) AWS IAM & AWS Cloud Formation AWS Service Catalog allows IT organizations to create a portfolio of products that end users can use to deploy AWS resources as defined in the portfolio. For this, AWS Service Catalog uses AWS IAM & AWS Cloud Formation

Which of the following shares a collection of offerings to help you achieve specific business outcomes related to enterprise cloud adoption through paid engagements in several specialty practice areas? A) AWS Enterprise Support B) Concierge Support C) AWS Professional Services D) AWS Technical Account Manager

C) AWS Professional Services

You need to organize and consolidate information based on criteria specified in tags or resources in AWS. Which of the following should you use? A) AWS Directory Service B) AWS IAM Group C) AWS Resource Groups D) Amazon CloudWatch Dashboard

C) AWS Resource Groups

Users in the Development team need to deploy a multi-tiered web application. Which service can be used to create a customized portfolio that will help users for a quick deployment? A) AWS Config B) AWS Code Deploy C) AWS Service Catalog D) AWS CloudFormation

C) AWS Service Catalog AWS Service Catalog can be used to create & deploy portfolio of products within the AWS infrastructure. This helps to create consistent resources within the AWS infrastructure with quick deployment. These catalogs can be used for deployment of single resources or a multi-tier web application consisting of web, application & database layer resources.

Which service will you use to quickly and securely transfer hundreds of petabytes of data to AWS? A) AWS Data Pipeline B) AWS Snowball Edge C) AWS Snowmobile D) AWS Data Exchange

C) AWS Snowmobile

What does AWS do when a storage device reaches the end of its lifespan? A) AWS archives the device in case customers request their data again B) AWS simply wipes the device and disposes it C) AWS follows a strict decommissioning process as described in compliance procedures D) AWS wipes the drives and sends it back to the manufacturer to procure a new one

C) AWS follows a strict decommissioning process as described in compliance procedures

A fully-managed document database service that supports MongoDB workloads. A) Amazon EC2 B) Amazon Aurora C) Amazon DocumentDB D) Amazon DynamoDB

C) Amazon DocumentDB

This service is highly scalable, this is primarily used for nonrelational databases only. A) Amazon Aurora B) Amazon Redshift C) Amazon DynamoDB D) Amazon ElastiCache

C) Amazon DynamoDB

A company is planning to use AWS Cloud to augment the resources of their on-premises data center to better serve their customers around the world. How does a company benefit from using AWS? A) Benefit from massive discounts from the Amazon.com shopping website B) Replace low variable costs with upfront capital infrastructure expenses C) Benefit from massive economies of scale D) Replace high variable costs with upfront capital infrastructure expenses

C) Benefit from massive economies of scale

This provides basic load balancing across multiple Amazon EC2 instances and operates at both the request level and connection level and is intended for applications that were built within the EC2-Classic network. A) Application Load Balancer B) Network Load Balancer C) Classic Load Balancer D) Elastic Load Balancer

C) Classic Load Balancer

Which Amazon EC2 instance purchasing option lets you take advantage of unused EC2 capacity in the AWS Cloud and provides up to a 54% discount compared to On-Demand prices and can be purchased at 1 year or 3 year terms? A) Standard Reserved Instance B) Dedicated Host C) Convertible Reserved Instance D) Spot Instance

C) Convertible Reserved Instance

If you wanted to select a host on which an instance would run, which option should you use? A) Default B) Dedicated Instance C) Dedicated Host

C) Dedicated Hosts

Which of the following are valid use cases supported by Amazon CloudFront? (Select TWO.) A) Static asset caching B) Schema Conversion C) Live and on-demand video streaming D) Serverless Interactive Query E) Automated Backups

C) Live and on-demand video streaming D) Serverless Interactive Query

This is primarily used to protect your subnets by controlling inbound and outbound traffic. A) VPC B) Security Group C) Network ACL D) Elastic Network Interface

C) Network ACL

Which of the following is true about the enhanced technical support response times of the Enterprise support plan in AWS? (Select TWO.) A) Provides a 12-hour response time support for general guidance B) Provides a 2-hour response time support if your production system got impaired C) Provides a 1-hour response time support if your production system goes down D) Provides a 15-minute response time support if your business-critical system goes down E) Provides a 48-hour response time support for general guidance

C) Provides a 1-hour response time support if your production system goes down D) Provides a 15-minute response time support if your business-critical system goes down

What service acts as a firewall for your EC2 instances? A) VPC B) Elastic Network Interface C) Security Group D) Network ACL

C) Security Group

A Solutions Architect needs to set up a bastion host in the cheapest, most secure way. The Architect should be the only person that can access it via SSH. Which of the following steps would satisfy this requirement? A) Set up a large EC2 instance and a security group that only allows access on port 22 B) Set up a large EC2 instance and a security group that only allows access on port 22 via your IP address C) Set up a small EC2 instance and a security group that only allows access on port 22 via your IP address D) Set up a small EC2 instance and a security group that only allows access on port 22

C) Set up a small EC2 instance and a security group that only allows access on port 22 via your IP address

Which Amazon EC2 instance purchasing option lets you take advantage of unused EC2 capacity in the AWS Cloud and provides up to a 90% discount compared to On-Demand prices? A) Convertible Reserved Instance B) Dedicated Host C) Spot Instance D) Standard Reserved Instance

C) Spot Instance

Who is your designated technical point of contact that provides all the necessary AWS expertise to maintain an operationally healthy AWS environment? A) Concierge Support B) AWS Systems Manager C) Technical Account Manager (TAM) D) Operations Support

C) Technical Account Manager (TAM)

A company's security team requires that all data stored in the cloud be encrypted at rest at all times using encryption keys stored on-premises. Which encryption options meet these requirements? (Select TWO.) A) Use Server-Side Encryption with Amazon S3 Managed Keys (SSE-S3). B) Use Server-Side Encryption with AWS KMS Managed Keys (SSE-KMS). C) Use Server-Side Encryption with Customer Provided Keys (SSE-C). D) Use client-side encryption to provide at-rest encryption. E) Use an AWS Lambda function triggered by Amazon S3 events to encrypt the data using the customer's keys.

C, D - Server-Side Encryption with Customer-Provided Keys (SSE-C) enables Amazon S3 to encrypt objects server side using an encryption key provided in the PUT request. The same key must be provided in GET requests for Amazon S3 to decrypt the object. Customers also have the option to encrypt data client side before uploading it to Amazon S3 and decrypting it after downloading it. AWS SDKs provide an S3 encryption client that streamlines the process.

Your hosted application is running in US-EAST-1. The application design mandates that 5 EC2 instances are online and must be available at all times. You have selected three availability zones: US-EAST -1a, US-EAST-1b, and US-EAST-1C. Which EC2 instance production deployment will provide the required high-availability and fault tolerance if one availability zone in US-EAST fails? Choose TWO answers. A. 2 EC2 instances in US-EAST -1a, 2 EC2 instances in US-EAST -1b, 2 EC2 instances in USEAST -1C. B. 4 EC2 instances in US-EAST -1a, 4 EC2 instances in US-EAST -1b, and no EC2 instances in US-EAST -1C. C. 3 EC2 instances in US-EAST -1a, 3 EC2 instances in US-EAST -1b, 3 EC2 instances in USEAST -1C. D. 5 EC2 instances in US-EAST -1a, 5 EC2 instances in US-EAST -1b, and no 2 EC2 instances in US-EAST -1C. E. 5 EC2 instances in US-EAST -1a, 2 EC2 instances in US-EAST -1b, and 2 EC2 instances in US-EAST -1C.

C. 3 EC2 instances in US-EAST -1a, 3 EC2 instances in US-EAST -1b, 3 EC2 instances in USEAST -1C. D. 5 EC2 instances in US-EAST -1a, 5 EC2 instances in US-EAST -1b, and no 2 EC2 instances in US-EAST -1C.

Your company has a two-tier application in production operating across two availability zones. Database servers are redundantly located in sized appropriately across both availability zones. Auto Scaling and Auto Scaling Groups support the web servers. Monitoring the Web server's application data loss is observed during peak operation hours. What option could be configured to stop any data loss and to analyze the launch and termination of the Web servers? A. Increase the cooldown period. B. Increase the redundancy of the database storage. C. Add lifecycle hooks to the auto scaling group. D. Increase the size of the database storage

C. Add lifecycle hooks to the auto scaling group.

An application server hosted in a VPC needs to access data records stored in another VPC in the same region. The data records belong to another AWS account. What needs to be set up to ensure the data can be accessed? A. Create a VPC private connection between the two VPC's. B. Create a VPN connection between the two VPCs. C. Create a VPC peering connection between the two VPCs. D. Deploy a NAT gateway between the two VPCs

C. Create a VPC peering connection between the two VPCs.

Two years ago, the graphics department moved in their operations to AWS. Last year application development was moved to AWS. The accounting department is now moving to AWS. Compliance requirements dictate that each department must use its own AWS account. How can the charges for the AWS services used for each AWS account be consolidated into one bill? A. Use Resource groups to group AWS resources. B. Use AWS Control Tower. C. Deploy AWS Organizations. D. Use tags and Cost Explore to create custom bills for each AWS account

C. Deploy AWS Organizations.

S3 buckets are used to store logs for a variety of applications hosted in AWS test environments. The log files need to be retained for three months for troubleshooting purposes but once the applications go live the logs need to be purged. How can this requirement be achieved? A. Add a bucket policy that specifies the developers IAM accounts. B. Enable event notifications. C. Enable a lifecycle management rule. D. Enable CORS

C. Enable a lifecycle management rule.

Which of the following best describes interoperability? A. Systems that work with any client software and access methods B. Systems that will work with any type of network offerings C. Systems that operate independently of particular platforms and hosting providers D. Systems that are compatible with most operating systems and mobile devices

C. Interoperability pertains to the ability of a system to reuse components and services, without being dependent on a particular hosting provider. This allows systems to easily move between cloud providers and maintains the most flexibility and options for a company.

Your IT team deploys a variety of popular applications hosted on EC2 instances and containers managed by AWS Fargate. Because of increased application usage, your costs are going to increase substantially. How can you save additional costs when running EC2 instances and containers at AWS? A. Purchase a EC2 instance savings plan. B. Purchase Convertible Reserve Instances. C. Purchase a Compute Savings Plan. D. Purchase Standard Reserved Instance

C. Purchase a Compute Savings Plan.

Which of the following best describes scalability? A. A customer only pays for the resources they need and are using at a particular time. B. The ability to deploy as many virtual machines as a cloud customer requires. C. The ability to statically change the level of computing or storage resources to meet changing demands. D. Having unlimited resources within a cloud infrastructure.

C. Scalability pertains to the ability to change the level of resources being utilized by a cloud customer to meet current demands over time. This includes both the ability to add resources for new deployments or expected needs and the ability to downgrade resources and save costs when not needed.

Your company is exploring deploying high-performance computing at AWS The architecture design needs to have extremely low risk simultaneous failures if possible. The recommendation has been to create a placement group for the EC2 instances. Which type of placement group should be deployed? A. Multi AZ placement group. B. Multi region placement group. C. Spread Placement group. D. Partition placement group.

C. Spread Placement group.

Mobile application data is uploaded and stored using a mobile application. Your company has decreed that additional measures need to be in place to protect against any data loss. What solution could provide this service? A. Store data in shared EFS storage. B. Stored data on EC2 ephemeral storage. C. Store data objects in an S3 bucket and enable versioning. D. Store data objects in an Amazon Glacier archive.

C. Store data objects in an S3 bucket and enable versioning.

A web application uses a RDS MySQL instance in a single availability zone to store the applications search index and thousands of JPEG files images. A cost analysis of the application recommends deploying a different a different storage solution for the graphic files and embrace a high-availability solution. Choose TWO answers that can achieve these goals. A. Store the JPEG images in an S3 bucket and enable transfer acceleration. B. Increase the size of the database instance storage. C. Store the JPEG images in an S3 bucket fronted by a Cloud Front distribution. D. Add a second availability zone for the RDS MySQL deployment

C. Store the JPEG images in an S3 bucket fronted by a Cloud Front distribution. D. Add a second availability zone for the RDS MySQL deployment

A popular online concert ticket application needs to manage their cloud storage more effectively. Inventory of their current S3 objects indicate that many terabytes of objects are stored and never accessed again after 90 days. What workflow can be implemented to delete all objects in the S3 buckets older than 90 days? A. Store the files in Amazon Glacier and create a lifecycle policy delete all objects older than three months. B. Move the files in EFS storage and enable Reduced Redundancy Storage. C. Store the files in Amazon S3 and create a lifecycle policy to delete all objects older than three months. D. Store the files in Amazon Glacier Deep Archive and create a lifecycle policy to delete all objects older than three months

C. Store the files in Amazon S3 and create a lifecycle policy to delete all objects older than three months.

Your company's yearly security audit of a company's AWS resources requires a listing of all source IP addresses that access AWS resources in both public and private subnets. Which AWS service can provide this requirement? A. Amazon Inspector. B. CloudTrail events. C. VPC Flow logs. D. CloudWatch log groups

C. VPC Flow logs.

Which of the following best describes Platform as a Service? A. The cloud customer is responsible for provisioning and configuring virtual machines from a base image. B. The cloud provider gives the customer access to a full application where only data imports and branding are required. C. The cloud customer provisions systems that are configured up to the point of deploying code and data. D. The cloud provider gives the customer a fully configured network, but the customer is responsible for the configuration of all virtual machines within it.

C. With Platform as a Service, the cloud provider provisions fully built systems that have all necessary libraries and software platforms that a customer can quickly deploy their code and data on to begin utilization.

A method of provisioning AWS infrastructure using code. It allows you to model a collection of related resources, both AWS and third party, to provision them quickly and consistently. It provides you with a mechanism to manage the resources through their lifecycle.

CloudFormation

A monitoring and observability service built for DevOps engineers, developers, site reliability engineers (SREs), and IT managers. Provides you with data and actionable insights to monitor your applications, respond to system-wide performance changes, optimize resource utilization, and get a unified view of operational health.

CloudWatch

What instances are ideal for compute bound applications that benefit from high performance processors. Instances belonging to this family are well suited for batch processing workloads, media transcoding, high performance web servers, high performance computing (HPC), scientific modeling, dedicated gaming servers and ad server engines, machine learning inference and other compute intensive applications.

Compute Optimized

Assists you with your billing and account inquiries, and works with you to implement billing and account best practices so that you can focus on what matters: running your business.

Concierge Support

Pillar that focuses on avoiding unnecessary costs. Key topics include understanding and controlling where money is being spent, selecting the most appropriate and right number of resource types, analyzing spend over time, and scaling to meet business needs without overspending.

Cost Optimization Pillar

A company needs to perform asynchronous processing, and has Amazon SQS as part of a decoupled architecture. The company wants to ensure that the number of empty responses from polling requests are kept to a minimum. What should a solutions architect do to ensure that empty responses are reduced? A) Increase the maximum message retention period for the queue. B) Increase the maximum receives for the redrive policy for the queue. C) Increase the default visibility timeout for the queue. D) Increase the receive message wait time for the queue.

D - When the ReceiveMessageWaitTimeSeconds property of a queue is set to a value greater than zero, long polling is in effect. Long polling reduces the number of empty responses by allowing Amazon SQS to wait until a message is available before sending a response to a ReceiveMessage request.

A service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. This service does not store certifications or compliance-related documents. A) AWD) AWS Certificate ManagerS Trusted Advisor B) AWS CloudTrail C) AWS Artifact D) AWS Certificate Manager

D) AWS Certificate Manager

A service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. This service does not store certifications or compliance-related documents. A) AWS Organizations B) AWS GovCloud C) AWS Artifact D) AWS Certificate Manager

D) AWS Certificate Manager

A customer needs to access a broad collection of AWS services via an intuitive, web-based user interface. Which of the following options would you recommend? A) AWS SDK B) Bastion Host C) AWS CLI D) AWS Management Console

D) AWS Management Console

A company is planning to launch a new system in AWS but they do not have an employee who has an AWS-related expertise. Which of the following can help the company to design, architect, build, migrate, and manage their workloads and applications on AWS? A) AWS Partner Network Technology Partners B) AWS Marketplace C) Technical Account Management D) AWS Partner Network Consulting Partners

D) AWS Partner Network Consulting Partners

Designated technical point of contact who provides advocacy and guidance to help plan and build solutions using best practices, coordinate access to subject matter experts and product teams, and proactively keep your AWS environment operationally healthy. A) AWS Enterprise Support B) Concierge Support C) AWS Professional Services D) AWS Technical Account Manager

D) AWS Technical Account Manager

Among the following services, which is the most suitable one to use to store the results of I/O-intensive SQL database queries to improve application performance? A) AWS Greengrass B) Amazon CloudFront C) Amazon DynamoDB Accelerator (DAX) D) Amazon ElastiCache

D) Amazon ElastiCache

This service just makes it easy for you to deploy and run Memcached or Redis protocol-compliant server nodes in the cloud. A) Amazon Aurora B) Amazon Redshift C) Amazon DynamoDB D) Amazon ElastiCache

D) Amazon ElastiCache

What is Amazon EBS? A) Object storage solution that can scale to incredible sizes to meet demand and storage requirements B) Block storage device that can connect to multiple instances at the same time C) File storage system that can connect to multiple instances at the same time D) Block Storage device that connects to one instance at a time. Can be backed to Amazon S3

D) Block Storage device that connects to one instance at a time. Can be backed to Amazon S3

Automatically distributes incoming application traffic across multiple targets, such as Amazon EC2 instances, containers, IP addresses, and Lambda functions. It can handle the varying load of your application traffic in a single Availability Zone or across multiple Availability Zones. A) Application Load Balancer B) Network Load Balancer C) Classic Load Balancer D) Elastic Load Balancer

D) Elastic Load Balancer

A logical networking component in a VPC that represents a virtual network card. A) VPC B) Security Group C) Network ACL D) Elastic Network Interface

D) Elastic Network Interface

This provides both Layer 3 gateway and Layer 4 load balancing capabilities. It is a transparent bump-in-the-wire device that does not change any part of the packet. It is architected to handle millions of requests/second, volatile traffic patterns, and introduces extremely low latency. A) Application Load Balancer B) Network Load Balancer C) Classic Load Balancer D) Elastic Load Balancer

D) Gateway Load Balancer

A MariaDB RDS database is known to have high memory consumption during peak hours which deteriorates the overall performance of your application. What cost-effective change can you introduce to resolve this issue if the database is handling write-intensive operations? A) Switch to DynamoDB to enjoy millisecond latency B) Add read replicas to lessen the burden of read operations C) Distribute the workload by running multiple instances D) Scale the instance vertically to a higher memory capacity

D) Scale the instance vertically to a higher memory capacity

Which Amazon EC2 instance purchasing option lets you take advantage of unused EC2 capacity in the AWS Cloud and provides up to a 90% discount compared to On-Demand prices? A) Standard Reserved Instance B) Dedicated Host C) Convertible Reserved Instance D) Spot Instance

D) Spot Instance

What built in AWS service allows customers to automate deployment of most AWS services? A. AWS CodeDeploy. B. AWS CodeBuild. C. AWS Elastic Beanstalk. D. AWS CloudFormation.

D. AWS CloudFormation.

A development team is creating a hosted application that requires a highly available data store that can persist and index JSON data. The speed of data access needs to remain consistent regardless of the application traffic levels. Which database service would be able to meet these needs? A. EBS volumes with provisioned IOPS. B. AWS DynamoDB. C. Amazon Redshift. D. AWS ElastiCache.

D. AWS ElastiCache.

A developer is considering utilizing AWS platform as a service solution Elastic Beanstalk. Which of the following scenarios could take advantage of this service? A. Batch processes that run nightly. B. Deploying infrastructure resources using Puppet. C. Moving on premises data warehouse to AWS. D. An Node.js application posted on EC2 instances. E. An application with worker environments using load-balancing and autoscaling

D. An Node.js application posted on EC2 instances. E. An application with worker environments using load-balancing and autoscaling

A new application has been deployed utilizing Auto scale and an outer scaling group for the web tier that mandates two c5.XLarge instances to be always running. Maximum scale is set at 10 instances. Reviewing the first month of operation, the overall costs deemed to be too high. How could costs be reduced without affecting the overall performance of the application? A. Change the EC2 instances to t3.micro instances. B. Create an Auto Scaling group with a minimum of two On-Demand instances. Define the maximum scale using a mix of On-Demand and Spot Instances using 100 % of On-Demand Instances and 0% of Spot Instances. C. Change the Autoscaling group with Spot instances. D. Create an Auto Scaling group with a minimum of two On Demand instances. Define the maximum scale using a mix of On-Demand and Spot Instances using 30 % of On-Demand Instances and 70% of Spot Instances.

D. Create an Auto Scaling group with a minimum of two On Demand instances. Define the maximum scale using a mix of On-Demand and Spot Instances using 30 % of On-Demand Instances and 70% of Spot Instances.

A startup has launched a unlimited cloud storage service that allows users to start any amount of personal data. In the background they are using S3 buckets to store the user's data. Analyzing their storage costs for the last few months they notice that there are many uploaded larger files averaging over 200 Gb in size that have been partially uploaded but have not completed. What solution can be deployed to manage incomplete uploads and save costs? A. Create a CLI script to search for and remove all incomplete multipart uploads. B. Search and delete all incomplete multipart uploads. C. Incomplete uploads are automatically deleted by S3 already. D. Create an S3 Lifecycle rule to help remove incomplete multipart uploads

D. Create an S3 Lifecycle rule to help remove incomplete multipart uploads

Which of the following is most pertinent to cost-saving benefits of cloud computing? A. Broad network access B. On-demand self-service C. Resource pooling D. Metered service

D. Metered Service Metered service allows a company to only pay for resources during the time they are actually allocated and in use. This allows a company to alter their resources as needed and to disable during times of nonuse, versus a traditional data center, where hardware must be purchased and active, whether it is actually being used or not.

Which cloud concept would most interest a company that wants flexibility in choosing different cloud providers as their needs change? A. Reversibility B. Availability C. Resiliency D. Portability

D. Portability Portability pertains to the ability of a company to quickly and easily move systems between cloud providers. This is maintained by minimizing the utilization of proprietary offerings from cloud providers that would be unique to that provider and would prevent their easy move to a different offering.

Several legacy applications that currently operate on premises need to be moved to AWS. The applications perform media processing and need compatible shared storage with highperformance. What storage solution should be chosen? A. EBS volumes with provisioned IOPS. B. Create a FSx shared storage array. C. Create an EFS shared storage array. D. Store files in S3 and process using FSx for Lustre

D. Store files in S3 and process using FSx for Lustre

When reviewing the architectural design of an important corporate application, the following architecture has been deployed. Web servers hosted on EC2 instances on private subnets in two availability zones. Web servers are hosted behind a public facing Elastic Load Balancer. Web servers are deployed using an Auto Scaling Group to manage computer power. A NAT instance provides a public path for updates from the private subnets. Where is the single point of failure in the architecture? A. Each EC2 instance hosting the web server. B. The Elastic Load Balancer. C. The Auto scaling group. D. The NAT instance

D. The NAT instance

Which of the following best describes Infrastructure as a Service? A. The cloud customer is responsible for provisioning and configuring virtual machines from a base image. B. The cloud provider gives the customer access to a full application where only data imports and branding are required. C. The cloud customer provisions systems that are configured up to the point of deploying code and data. D. The cloud provider gives the customer a fully configured network, but the customer is responsible for the configuration of all virtual machines within it.

D. With Infrastructure as a Service, the cloud provider gives the customer a base environment where they can fully deploy virtual machines and virtual network devices. The cloud customer is responsible for all deployments and configurations beyond the base environment.

EC2 Dedicated Host that is a physical server dedicated to your use. A full physical server with EC2 Instance capacity fully dedicated to your use. They help with strict regulatory compliance or software license use.

Dedicated Hosts

EC2 Dedicated Host that are Physically isolated from other AWS accounts

Dedicated Instances

What are AWS Dedicated EC2 Services

Dedicated Instances Dedicated Host

Define workload metrics to measure the achievement of KPIs (for example, abandoned shopping carts, orders placed, cost, price, and allocated workload expense). You define these metrics to measure the health of the workload (for example, interface response time, error rate, requests made, requests completed, and utilization). Evaluate metrics to determine if the workload is achieving desired outcomes, and to understand the health of the workload.

Define workload metrics

There are five design principles for performance efficiency in the cloud:

Democratize advanced technologies Go global in minutes Use serverless architectures Experiment more often Consider mechanical sympathy

To prepare for operational excellence, you need to perform the following:

Design Telemetry Design for Operations Mitigate Deployment Risks Operational Readiness

A DynamoDB-compatible caching service that enables you to benefit from fast in-memory performance for demanding applications. It reduces the response times of eventually consistent read workloads by an order of magnitude from single-digit milliseconds to microseconds. Reduces operational and application complexity by providing a managed service that is API-compatible with DynamoDB. Therefore, it requires only minimal functional changes to use with an existing application.

DynamoDB DAX

Tool that simplifies the creation, maintenance , validation, sharing and deployment of Linux or Window. It simplifies the building, testing, and deployment of Virtual Machine and container images for use on AWS or on-premises.

EC2 Image builder

Used to deliver content to end users with lower latency, Amazon CloudFront uses a global network of 187 Points of Presence (176 Edge Locations and 11 Regional Edge Caches) in 69 cities across 30 countries

Edge Locations

An orchestration service offered by Amazon Web Services for deploying applications which orchestrates various AWS services, including EC2, S3, Simple Notification Service, CloudWatch, autoscaling, and Elastic Load Balancers.

Elastic Beanstalk

Designed for hosting Web server environments and worker environments written in multiple programming languages

Elastic Beanstalk

A fully managed in-memory data store and cache service by Amazon Web Services. The service improves the performance of web applications by retrieving information from managed in-memory caches, instead of relying entirely on slower disk-based databases. The service improves the performance of web applications by retrieving information from managed in-memory caches, instead of relying entirely on slower disk-based databases. It supports two open-source in-memory caching engines: Memcached and Redis.

Elastic Cache

How are Elastic IPs different than Static IP addresses

Elastic IP addresses allow you to mask instance or Availability Zone failures by rapidly remapping your public IP addresses to another instance and Static IPs don't

A serverless event bus service that you can use to connect your applications with data from a variety of sources. It delivers a stream of real-time data from your applications, software as a service (SaaS) applications, and AWS services to targets such as AWS Lambda functions, HTTP invocation endpoints using API destinations, or event buses in other AWS accounts.

EventBridge

Allows you to retrieve Glacier data within five minutes

Expedited retrieval policy.

What is S3 Standard

Frequently accessed data in storage

What are you charged for when you use S3?

GBS Per Month Transfer Out to other regions PUT, COPY, POST, LIST, and GET request

What instances provide a balance of compute, memory and networking resources, and can be used for a variety of diverse workloads. These instances are ideal for applications that use these resources in equal proportions such as web servers and code repositories.

General Purpose EC2s

Based on desired business outcomes (for example, order rate, customer retention rate, and profit versus operating expense) and customer outcomes (for example, customer satisfaction)

Identify key performance indicators

There are seven design principles for security in the cloud:

Implement a strong identity foundation Enable traceability Apply security at all layers Automate security best practices Protect data in transit and at rest Keep people away from data Prepare for security events

There are five design principles for cost optimization in the cloud:

Implement cloud financial management Adopt a consumption model Measure overall efficiency Stop spending money on undifferentiated heavy lifting Analyze and attribute expenditure

What are the features of EC2 Builder?

Increase productivity and reduce operations for building compliant and up-to-date images Image Builder reduces the amount of work involved in creating and managing images at scale by automating your build pipelines.

What is S3 One Zone 1A

Long Lived Storage infrequently accessed by rapid access

AWS Nonrelational DB options

MongoDB Cassandra Redis DocumentDB

Pricing Option for EC2 where you pay for compute capacity per second, (AWS Linux and Ubuntu) or pay by the hour. They have no long term commitments or upfront payments. You can increase or decrease

On Demand Instances

Pillar that includes the ability to support development and run workloads effectively, gain insight into their operation, and continuously improve supporting processes and procedures to delivery business value.

Operational Excellence

Pillar that Focuses on running and monitoring systems to deliver business value, and continually improving processes and procedures. Key topics include automating changes, responding to events, and defining standards to manage daily operations.

Operational Excellence Pillar

There are four best practice areas for operational excellence in the cloud:

Organization Prepare Operate Evolve

What are the Accelerated Computing Families

P4, P3, P2, Inf1, G4dn, G3, and F1

What are the five DESIGN principles for operational excellence in the cloud:

Perform operations as code Make frequent, small, reversible changes Refine operations procedures frequently Anticipate failure Learn from all operational failures

Pillar that focuses on using IT and computing resources efficiently. Key topics include selecting the right resource types and sizes based on workload requirements, monitoring performance, and making informed decisions to maintain efficiency as business needs evolve.

Performance Efficiency Pillar

Pillar that includes the ability to use computing resources efficiently to meet system requirements, and to maintain that efficiency as demand changes and technologies evolve.

Performance Efficiency Pillar

What does the business risk management (BRM) do

Performs risk assessments and risk monitoring of key AWS functional areas Identifies and drives remediation of risks Maintains a register of known risks

There are five best practice areas for cost optimization in the cloud:

Practice Cloud Financial Management Expenditure and usage awareness Cost-effective resources Manage demand and supply resources Optimize over time

Included access to Well-Architected Reviews, Operations Reviews, and Infrastructure Event Management.

Proactive Support Programs

Where does DynomoDB run? VPC or Public Cloud

Public Cloud

Memory Optimization EC2s

R5 family and X1

What are some Memory Optimized Screen

R5, R6g, R4, X2 and X1 groups

Pillar that encompasses the ability of a workload to perform its intended function correctly and consistently when it's expected to. This includes the ability to operate and test the workload through its total lifecycle.

Reliability Pillar

Pillar that focuses on ensuring a workload performs its intended function correctly and consistently when it's expected to. A resilient workload quickly recovers from failures to meet business and customer demand. Key topics include distributed system design, recovery planning, and how to handle change.

Reliability Pillar

Pre Pay Pricing Option on an EC2. Standard RI , Convertible RI and Scheduled RI. Three Up front payment methods and can be shared among multiple accounts within a billing family. Provides the ability to reserve capacity ahead of time and reduces cost.

Reserved Instances

Designed to help analyze and process data within an object in Amazon S3 buckets, faster and cheaper. It works by providing the ability to retrieve a subset of data from an object in Amazon S3 using simple SQL expressions. Your applications no longer have to use compute resources to scan and filter the data from an object, potentially increasing query performance by up to 400%, and reducing query costs as much as 80%. You simply change your application to use SELECT instead of GET to take advantage of S3 Select.

S3 Select

Pricing option for EC2 that provide the most flexibility and helps reduce your cost up to 66%. It applies to a specific instance family within a Region and provides the largest discount up to 72% you commit to 2 to 3

Savings Plans

A process that is not related to content delivery. Schema conversion is used to convert your existing database schema to a different database engine. This option is only supported in Database Migration Service.

Schema Conversion

There are six best practice areas for security in the cloud:

Security Identity and Access Management Detection Infrastructure Protection Data Protection Incident Response

Pillar that focuses on protecting information and systems. Key topics include confidentiality and integrity of data, identifying and managing who can do what with privilege management, protecting systems, and establishing controls to detect security events.

Security Pillar

An Exabyte-scale data transfer service used to move extremely large amounts of data to AWS. You can transfer up to 100PB , a 45-foot long ruggedized shipping container, pulled by a semi-trailer truck.

Snowmobile

Pricing option for EC2, that allows access AWS Idle Capacity while they remain idle. Prices are based on long term trends of supply and demand. Interruption notice provided 2 minutes prior to instance termination. Flexibility is the key to success but provides up to 90% savings.

Spot Instances

What are Spot Instances appropriate for

Stateless, fault tolerant workloads. Batch type jobs

What instances are designed for workloads that require high, sequential read and write access to very large data sets on local storage. They are optimized to deliver tens of thousands of low-latency, random I/O operations per second (IOPS) to applications.

Storage Optimized

The Concierge Team are AWS billing and account experts that specialize in working with enterprise accounts. They will quickly and efficiently assist you with your billing and account inquiries, and work with you to implement billing and account best practices so that you can focus on what matters: running your business.

Support Concierge

A resource or endpoint that EventBridge sends an event to when the event matches the event pattern defined for a rule. The rule processes the event data and sends the pertinent information to the target. To deliver event data to a target, EventBridge needs permission to access the target resource. You can define up to five targets for each rule.

Target

Your designated technical point of contact who provides advocacy and guidance to help plan and build solutions using best practices, coordinates access to subject matter experts and product teams, and proactively keeps your AWS environment operationally healthy.

Technical Account Manager (TAM)

A feature that enables you to capture information about the IP traffic going to and from network interfaces in your VPC.

VPC Flow Logs

A unique identifier that's associated with a secret access key; the access key ID and secret access key are used together to sign programmatic AWS requests cryptographically.

access key ID

Program that partners with AWS business units to provide the AWS Board of Directors and AWS senior leadership a holistic view of key risks across AWS.

business risk management (BRM)


Set pelajaran terkait

Figure 7-17: The Vertebral Column

View Set

Biomechanics - Wrist/Hand Questions

View Set

anatomy and physiology chapter 6

View Set

Cultural Area: Indigenous North America

View Set

AC 210-003: Chapter 6 Learn Smart

View Set

Harr MLS Review Chemistry 5.8 Clinical Endocrinology

View Set

The Institutions of Government and The Separation of Powers

View Set

Ch 40: Care of Veterans with Mental Health Needs

View Set